It’s a solution for me. 🤷

He’s right we need laws. He’s wrong that it’s a relief valve or that we take pressure off the heinous privacy violators. We aren’t even a rounding error to them. They don’t care.

That’s new, it didn’t used to do that back in the days when I used it but that was a couple years ago. Sounds like it’s just getting worse.

Eh, I’ve forgotten a lot of the details and it’s drama that I don’t care to relearn about. Easy to find online with some basic searching if you want to read about it.

It make network go very good.

Man, I haven’t seen a reference to that protocol in a very long time.

When I was studying for my first MCSE back in ancient times, my girlfriend heard me mention ‘netbeui’ and thought it was the funniest damn thing. She used to catch me throwing out all the computer jargon and just yell “NET… BOOEEEEEY” at me.

It’s a VM so technically none I guess, but my hypervisor hosts have a 4 port gigabit card and a 10 gig fiber card, plus another gigabit port on the motherboard.

OPNsense is using 6 interfaces, 2 WAN and 4 LAN, but it’s all virtualized.

Yeah I hinted at it but didn’t feel like going into it. It’s why I switched though, and happily I found OPNsense to just be better anyway.

The only one I haven’t seen mentioned here that is a requirement for me is OPNsense. I’ve been using it for a couple years, and pfSense before that for a very long time. Never going back to commercial routers and their shitty / buggy / backdoored software. I highly recommend OPNsense over pfSense for the UI improvements alone, but there are other reasons to use/support OPNsense over pfSense.

On my network it handles internet firewall, internal firewall, and all routing across 5 VLANs and between two internet gateways. It does 1-1 NAT for my public IPs, inbound VPN, outbound VPN for my *arr stack, and RDNS blocklists with the data source being a script I wrote that merges from several sources and deduplicates the list. It is my internal certificate authority (I don’t miss you at all, Windows CA), DHCP for the guest wifi, and does pihole-like ad blocking via DNS for my entire network. And it does all that running in a VM with 2GB of RAM, of which it only uses about 60% on my install.

It is an incredibly powerful tool, not terribly difficult to learn, has a pretty damn good UI for FOSS, and in my opinion is a fantastic foundation for a complex home network / homelab. Unlike pfSense, which corrupted itself twice over the years I ran it, it has never let me down. And every update has been painless over the years.

If I was in your shoes I’d probably build my own hypervisor box and rent colo space for it. Strictly because your requirement to migrate VMs to your own system later is more trouble than it’s worth.

I don’t know for sure but I’d guess you would pay less for colo than renting someone’s server for a year or two. Renting bare metal is stupid expensive.

I self host Bitwarden and it’s free to self host. You only have to pay for a license if you need multiple users or want to use their cloud services, I believe. My instance is 100% self hosted and completely isolated from the internet, and it works fine.

I self host it because I self host everything, but for credential managers I would never trust any 3rd party closed source utility or cloud service. Before I used a password manager I tracked them all manually with a text file and a TrueCrypt volume. I think giving unrelated credentials to 3rd parties is asking for trouble - they definitely don’t care as much about them as you do!

If you’re going to self host any credential manager, make sure you have an appropriate backup strategy, and make sure you have at least one client synced regularly so that you can still access passwords if the server itself dies for some reason.

Same way I do at work. Different accounts and passwords for each service internally. Any service exposed to the net (game and email servers mostly) is on a segregated network and each machine has unique credentials to help prevent lateral movement. Self hosted Bitwarden tracks it all.

I do it for the same reason I require outbound firewall rules for almost everything on my home network - I’m a masochist.

All well and good until you lose another disk 2 days into re-striping. Which is not that uncommon because that puts a lot of load on the surviving disks! Remember, RAID is not a backup.

I always buy new because time spent fixing a problem or recovering data with a used drive ain’t worth it to me. It may be to you. A manufacturer refurb might be ok, in fact I do buy refurb monitors sometimes, but not data storage.

And ruin my uptime stats? Are you mad?!?!

Among the many things I run are my own email servers so, yeah gotta be up all the time. And yes I have a UPS behind every electronic device in my house except the TV because if that dies I get to buy a new one.

I’ve probably spent upwards of $2000 on UPSes and replacement batteries over the last 20 years, but if it saved even one of my servers from taking a hit it was worth it. Servers are expensive and my time is valuable to me.

So dumb. How many hobbyists will pay that? A tiny fraction. Then in 4-5 years these guys will be sitting around wondering why their new business customer numbers fell off a cliff.

Don’t bite the hand that proselytizes for you at the office.

I use Cloudflare as my registrar and public DNS. And only for that. Sorry but they don’t get to peek at my network traffic.

On-premises. Please, for the love of god.

They are making Cloud Microsoft sysadmins, as opposed to on-premises sysadmins. Which means the new crop of admins are just high tier application admins, and have no idea how to manage infrastructure, configure hardware, or actually troubleshoot problems with the application, since they don’t have access to it at that level. All of this makes businesses more and more reliant on the cloud, which is exactly what these providers want.

These companies are so short sighted. They are destroying the ability for the people who might push this software for use in a business environment to use it at home, test it out, learn it. This depletes the pool of experts and supporters that would expand their product’s use over time.

Microsoft and VMware are the worst offenders at the moment. I feel if you’re a competent on-premises Microsoft sysadmin you’ll have work for the rest of your life, because they aren’t MAKING on-premises Microsoft sysadmins anymore.

*edited my last sentence for clarity

It’s bursty; I tend to do a lot of work on stuff when I do a hardware upgrade, but otherwise it’s set it and forget it for the most part. The only servers I pay any significant attention to in terms of frequent maintenance and security checks are the MTAs in the DMZ for my email. Nothing else is exposed to the internet for inbound traffic except a game server VM that’s segregated (credential-wise and network-wise) from everything else, so if it does get compromised it would be a very minimal danger to the rest of my network. Everything either has automated updates, or for servers I want more control over I manually update them when the mood strikes me or a big vulnerability that affects my software hits the news.

TL;DR If you averaged it over a year, I maybe spend 30-60 minutes a week on self hosting maintenance tasks for 4 physical servers and about 20 VM’s.